MariaDB has now pubished this page that tracks CVE (Oracle issued and others) to MariaDB releases, also post-release: https://mariadb.com/kb/en/mariadb/development/security/
We are in the process of uploading MariaDB 10.0 to unstable very soon, and that will depricate MariaDB 5.5 so I do not plan to upload MariaDB 5.5.40 at the moment. If MariaDB 10.0 is stalled for some reason, I will upgrade and upload MariaDB 5.5.40 into unstable which will fix some security issues. >From 5.5.40 on it seems the CVE information is also available in the release notes: https://mariadb.com/kb/en/mariadb/development/release-notes/mariadb-5540-release-notes/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
